Engineer Ii Security
Resume:
SAI BHARATH VADHYAR
240-***-****/ad5od1@r.postjobfree.com/LinkedIn/Blogs
EDUCATION
University of Maryland, College Park – Masters in Cybersecurity Jan 2023-Dec 2024 Sathyabama University, India – Bachelors of Engineering (Electronics and Communications) Aug 2014- Apr 2018 WORK EXPERIENCE
Software Security Engineer II Oct 2021 — Dec 2022
F5 Networks, Hyderabad, India
• Proactively mitigated and resolved over 80% of vulnerabilities and race conditions through rigorous code reviews on REST APIs using SAST and DAST tools, leading to a 30% improvement in the product's overall security
• Directed comprehensive vulnerability assessments utilizing Snyc, Whitesource and Nessus scans, uncovering and rectifying 85% of critical vulnerabilities, achieving a 20% reduction in triage resolution time through collaborative engagement with development teams, and fortifying system resilience with 100% timely fixes.
• Architected test infrastructures for over 15 Proof of Concepts (POCs) and bug triages, incorporating bot detection, SSLO, DNS in hypervisor, and Cloud environments using IAC tools, resulting in a 25% improvement in response
• Automated security testing processes within the pipeline using GITLAB and Jenkins, contributing to a 30% decrease in time-to-detection for potential threats.
• Contributed to bug triages focusing on web proxy modules, DNS security, and REST APIs. Played a pivotal role in reducing resolution time by 20%.
• As a member of security ninja community, participated in security code reviews to detect the possible vulnerabilities in the design phase.
• Developed scripts for SHA512 checksum and system integrity checks during system boot, resulting in enhanced product integrity.
• Architected and delivered proof of concepts for secure boot methodologies tailored to BIGIP virtual edition in GCP environments, meeting specific customer requirements.
• Nominated for the 'Be F5 Award' in recognition of contributions to the 'Secure Boot Feature' and expertise in
'Authentications using Smartcards'.
Product Support Engineer II Apr 2021 – Oct 2021
Zscaler Softech India PVT limited, Bangalore, India
• Managed Zscaler environments, providing expert support to Top 100 and Premium customers, overseeing cloud Security platforms and guiding issue resolution, particularly in Zero Trust configurations (ZIA and ZPA).
• Conducted malware triages by analysing observations from the malware sandbox integrated into the ZIA product.
• Contributed to support and engineering Knowledge base articles detailing product behaviour, aiding fellow engineers, and enhancing resolution times.
• Attained proficient expertise in authentication mechanisms such as OAUTH, SAML, Kerberos, AD, LDAP, and SSO, resulting in a 20% monthly improvement in the resolution time of P1 incidents
• Collaborated with internal security research team with malware triage and forensics analysis of the reported files by the customers and documented the analysis in the private forum for the customers. Network & Security Engineer – Security Engineering Jun 2018 – Apr 2021 Tata communications Limited, India
• Analysed infrastructure requirements for 100+ global customers, optimizing designs and support efforts, resulting in a 20% reduction in time-to-deployments for network and security solutions including firewalls, web application firewalls, routers, and switches in a datacenter environment.
• Integrated Monitoring and SIEM solutions including Splunk and ArcSight into the infrastructure, establishing a proactive alerting system that contributed to a 30% reduction in security incidents.
• Proactively diagnosed and mitigated 90% of DDOS incidents and web application attacks for 150+ customers using Radware ddos and F5 ASM modules, ensuring protection against network and application attacks.
• Implemented policy configurations for NACLs, NATs, dynamic routing protocols, HIDS, NIDS, Load Balancers, and Web Application Firewalls, resulting in a 20% improvement in network security posture and a 90% reduction in false positives.
• Engineered Python and Ansible scripts, alongside Security Orchestration, Automation, and Response
(SOAR) playbooks, to automate monitoring and configurations, achieving a remarkable 75% reduction in human effort.
• Orchestrated the seamless migration of over 500 customers from traditional platforms to Software-Defined Networking
(SDN) platforms, ensuring uninterrupted services and minimizing downtime.
• Engaged in internal research initiatives to minimize dwell time and enhance the incident response process. Successfully contributed to the design of robust incident response processes deployed across multiple datacenter environments.
• Collaborated with the internal risk assessment team to configure infrastructures and develop processes adhering to NIST guidelines.
Technical Skills
Network and web Security: FortiGate 6300F/4800F Firewalls, Cisco ASA 5K series, Palo Alto 5K series, Arbor DDOS, F5(ASM, GTM, LTM, APM), Array Web application firewalls, Cisco Nexus 9K series switches and juniper MX routers, Squid proxy, Fiddler, Wireshark, MTR, Netmon, Splunk, Kibana, Nessus, VMware NSX, Burp suite, Metasploit.
Programming and Scripting Languages: C, C++, C#, Python, and bash, x86 and x64 assembly System and Software Security: CheckMarx, Fortify, Veracode, Acunetix DEVSECOPS tools: Terraform, Cloud Formation, ansible, Jenkins, ELK, Docker, Kubernetes, Debugging Tools: Windows Sys internals Suite, Ghidra, IDA Pro, GDB, x32/x64, Dnspy, Remnux, Flare tools DFIR Tools: Autopsy, YARA, IOC Redline
Security Frameworks: NIST, Mitre att&ck, CyberKillchain Cloud Platforms: AWS, Azure, GCP and Alibaba
CERTIFICATIONS
• GIAC Reverse Engineering Malware (GREM)
• Certified Ethical hacker (CEH)
• eLearn security certified Threat hunting Professional (ETHPV2)
• eLearn security certified junior penetration tester (EJPT)
• Practical Junior Malware Researcher (PJMR)
• HashiCorp Certified Terraform Associate (002)
• Gemalto key-secure Certified Engineer
• Advanced cyber security certificate from Stanford university
• SPLUNK 7.x Foundations
• Certified Network Security Practitioner (CNSP)
• C# for Noobs from Zero-point security
Contact this candidate